
okftools: a tool for overloading kernel functions under Linux 5.19

Project description

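Project name:

    System-level resource access auditing based on system call overloading

Project team

    麻家乐 王梓睿 孙靖轩 张天铄 汪何希

Main work

    1. Obtain the system call table sys_call_table.
    2. Implement system function overloading and address writing.
    3. Implement information exchange between the kernel and user space.
    4. Save the information as logs and attempt related extended processing.
    5. Implement a graphical interface that provides visual operation for ease of use.

Development environment

    Ubuntu 22.04  linux-5.19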

Usage

    1. pip install okftools

Figure 1: pip install okftools

    2. pip show okftools

Figure 2: pip show okftools

    3. cd to the okftools path

    4. python okftools_setup.py or python3 okftools_setup.py

Figure 3: python okftools_setup.py

    5. Enter the following command to use okftools:
            ./oktfools

Figure 4: oktfools

Notes

    * If the following error occurs:
            libGL error: failed to load driver: swrast.
            libGL error: failed to load driver: vmwgfx
    * Please try:
            conda install -c conda-forge gcc=12.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

okftools-0.1.0a2.tar.gz (188.4 kB)

Uploaded Source
